Amir,<br><br> Thanks for the comments. Haven&#39;t read the doc yet but yeah any system with poor implementation = flawed by default. Curious what this document has to say<br><br>-BRIAN RITCHIE<br><br><div class="gmail_quote">

<div>Yes, with improper/poor implementation your might face the problems. DNSSEC uses public key cryptography and you need to maintain it. Administrating DNS is a fun stuff when you are enabling DNSSEC in your production (you need to know more). Come on, you know should read these RFCs 4033, 4034, 4035 and 5011. If anyone got doubt about DNSSEC, we can discuss about it. Root server will enable DNSSEC in production by July this year and for .my in Q4 this year. UDPPoke, Poke, Poker, TCPPoke... great.</div>

To post to this group, send email to <a href="mailto:mysecurity@googlegroups.com" target="_blank">mysecurity@googlegroups.com</a>.<br>To unsubscribe from this group, send email to <a href="mailto:mysecurity%2Bunsubscribe@googlegroups.com" target="_blank">mysecurity+unsubscribe@googlegroups.com</a>.<br>

For more options, visit this group at <a href="http://groups.google.com/group/mysecurity?hl=en" target="_blank">http://groups.google.com/group/mysecurity?hl=en</a>.<br><br></font></blockquote></div><br><br></div></div>_______________________________________________<br>